Security Operations Expert, Novartis, Prague, Czech Republic
The purpose of the Security Operations Expert is to defend Novartis and its patients by investigating security incidents that have been triaged and escalated by the first level staff of the Novartis Security Operations Center.
This includes performing analysis of indicators of compromise, investigating security incidents by reviewing relevant security data, coordinating with impacted application owners and users and implementing or arranging remediation actions.
Your Responsibilities:
Your responsibilities include, but are not limited to:
Handles security incidents escalated from L1 SOC using the Security Incident Response life cycle (preparation; detection and analysis; containment, eradication and recovery; post-incident activity)
Monitors L2 escalation queues within incident response tools; investigates and resolves standard-level incidents using various security event sources (FW, IDS, PROXY, AD etc.)
Escalates to L3 if investigations uncover unusual or atypical situations
Works directly with L1s for incident response and improves existing documentation of work instructions.
Checks incidents for quality and improvement, reviews and updates existing use cases and work instructions & keeps accurate incident records
Provides incident information to IR leads and coordinators for reporting
Collaborates with other security teams in the global IT Security organization in Novartis
You’ll receive:
Monthly pension contribution matching your individual contribution up to max 3% of your gross monthly basic salary; Risk Life Insurance and insurance in case of long term sickness;
5-week holiday per year (1 week above the Labour Law requirement); 4 paid sick days within one calendar year in case of absence due to sickness without a medical sickness report;
Cafeteria employee benefit program: choice of benefits from Edenred CZ in the amount of 12,500 CZK per year; meal vouchers in the amount of 80 CZK for each working day (full tax covered by company);
Public Transportation allowance; MultiSport Card. Find out more about Novartis Business Services: https://www.novartis.cz/
Why consider Novartis?
927 million. That’s how many lives our products touched in 2017. And while we’re proud of that fact, in this world of digital and technological transformation, we must also ask ourselves this: how can we continue to improve and extend even more people’s lives?
We believe the answers are found when curious, courageous and collaborative people like you are brought together in an inspiring environment.
Where you’re given opportunities to explore the power of digital and data. Where you’re empowered to risk failure by taking smart risks, and where you’re surrounded by people who share your determination to tackle the world’s toughest medical challenges.
Join us and help us reimagine medicine.
What you’ll bring to the role:
BA or BS in Computer Science, Information Technology or related field highly desired
Experience with IT security incident response, host and network investigations, malware analysis
Certifications such as CISSP, Certified Intrusion Analyst (GIAC), Certified Ethical Hacker (CEH) preferred
3+ years in incident response or related IT or IT Security field; hands-on experience with security tools and devices, operating systems, and/or networking devices desired
Knowledge of IT Security Standards, Control Frameworks and Risk Management techniques & proven skills and experience in log analysis, incident investigations including guidance for remediation
Novartis are an equal opportunities employer and welcome applications from all suitably qualified persons.